There exist computer-networking protocols that allow computing devices to synchronize their internal clocks with remote, official timekeepers. In some applications, such as international financial transactions, the requirements for synchronization are becoming increasingly strict and will, in the near future, call for near-nanosecond agreement with a master clock.
However, achieving the requisite clock agreement is of little use if the timing information sent over the network is not secure against malicious interference. For clock synchronization, as well as for many other applications, computing devices use encryption techniques both to secure their transmissions and to authenticate their identities to their interlocutors.
To support the necessary dual functions of securing information and authenticating itself to other devices, a typical computing device uses two items: first, one or more secret cryptographic keys and, second, dedicated cryptographic hardware. That hardware reads the keys and may use them (i) to encode the information that the computing device wishes to send, (ii) to decode encrypted information that the computing device has received, (iii) to authenticate the device to remote devices, and (iv) to check the authentication of those remote devices in turn.
However, both of these items have decided drawbacks in their current implementations. The cryptographic hardware is expensive, and it consumes a significant amount of power and space within the computing device. This hardware may also be vulnerable to malicious attacks if the computing device falls into the wrong hands.
The device's cryptographic keys are kept secret and are stored in the device's non-volatile memory. But just as with a physical key to a physical lock, if a malicious party can find the key, then the key can be copied or destroyed, either of which would impair the security of the computing device.